CVE-2014-5345

Currently unrated

Key Information:

Vendor: Wordpress
Status: Disqus Comment System
Vendor: CVE Published:; 19 August 2014

Summary

Cross-site scripting (XSS) vulnerability in upgrade.php in the Disqus Comment System plugin before 2.76 for WordPress allows remote attackers to inject arbitrary web script or HTML via the step parameter.

References

https://wordpress.org/plugins/disqus-comment-system/other...

x_refsource_CONFIRM

http://packetstormsecurity.com/files/127847/WordPress-Dis...

x_refsource_MISC

http://seclists.org/fulldisclosure/2014/Aug/35

mailing-listx_refsource_FULLDISC

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Aug 19, 2014